package com.sixbro.authorization.api;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletResponse;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

/**
 * <p>
 *
 * </p>
 *
 * @author: Mr.Lu
 * @since: 2021/11/2 16:10
 */
@RestController
public class OAuth2Controller {

    @Autowired
    private TokenEndpoint tokenEndpoint;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private DefaultTokenServices defaultTokenServices;

    @PostMapping("/oauth/token")
    public Object postAccessToken(Principal principal, @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
        OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
        return oAuth2AccessToken;
    }

    @RequestMapping("/rediect")
    public String rediect(HttpServletResponse responsel, String clientId, String token) {
        OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(token);
        if (oAuth2Authentication == null) {
            throw new InvalidTokenException("Invalid access token: " + token);
        }
        OAuth2Request request = oAuth2Authentication.getOAuth2Request();
        Map map = new HashMap();
        map.put("code", request.getRequestParameters().get("code"));
        map.put("grant_type", request.getRequestParameters().get("grant_type"));
        map.put("response_type", request.getRequestParameters().get("response_type"));
        //TODO 需要查询一下要跳转的Client_id配置的回调地址
        map.put("redirect_uri", "http://127.0.0.1:8080");
        map.put("client_id", clientId);
        map.put("state", request.getRequestParameters().get("state"));
        request = new OAuth2Request(
                map,
                clientId,
                request.getAuthorities(),
                request.isApproved(),
                request.getScope(),
                // 模拟用户登录
                request.getResourceIds(),
                map.get("redirect_uri").toString(),
                request.getResponseTypes(),
                request.getExtensions()
        );
        Authentication authentication = tokenStore.readAuthentication(token);
        OAuth2Authentication auth = new OAuth2Authentication(request, authentication);
        OAuth2AccessToken new_token = defaultTokenServices.createAccessToken(auth);
        return "redirect:/user_info?access_token=" + new_token.getValue();
    }

}
